We performed a comparison between Microsoft Defender for Office 365 and NetWitness Platform based on real PeerSpot user reviews.
Find out in this report how the two Email Security solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The product's scalability is good."
"Microsoft Defender has a feature to protect each and every attachment. Even if it's an encrypted attachment, it will check for any potential threats."
"There are several features that I consider valuable."
"The risk level notifications are most valuable. We get to know what kind of intrusion or attack is there, and we can fix a problem on time."
"The deployment capability is a great feature."
"Defender enables us to secure all 365-related activity from a single place. It gives us visibility into everything happening in Outlook, protecting us against phishing and other email-based threats. Defender helps us detect any suspicious behaviors."
"The initial setup was easy."
"Threat Explorer is an invaluable tool for me, and it plays a crucial role in helping me discern the origins of various email campaigns, pinpointing where they emanate from, and identifying the individuals within our organization who are affected."
"Offers a good wireless feature."
"It gives the ability to investigate into network traffic in the Net and the organization what we couldn't do before."
"The solution is really scalable for the high-end power, enterprise customer."
"The packet capture aspect of it is a valuable feature because it is quite different from a traditional SIEM solution that only carries out investigations based on captured logs."
"The development of use cases on the SSA console is quite user friendly. This means that the security analyst or the researcher does not have to learn another language."
"Possibility to investigate incidents based on logs and raw packets, such as extracting files sent over the network"
"It's quite economical compared to other solutions in the market."
"The most valuable features are its ingestion of logs and raising of alerts based on those logs."
"The pre-sales cost calculations could be more transparent."
"In one of the reports I can get the exact place where a vulnerable file resides. But for that, I need to explicitly go into the device and check. If they could include that file part in the report, without my having to go to the device itself, that would help."
"The UI needs to be more user-friendly."
"We noticed that from time to time, Microsoft's stability does have problems. Sometimes the service goes up and down. Sometimes they change without prior notice."
"Microsoft security solutions work as expected. They are constantly updating the solutions to make them better. At the same time, the changes can impact a customer's environment, and we need to adjust settings. Sometimes we aren't aware of the changes, and nothing is pushed from the backend automatically."
"About eight months ago, we started to measure the quantity of phishing and spam that we have been receiving, and it has been increasing a lot. That means that protection for our email is not as good as we were expecting."
"The GUI is sometimes slow to fetch the device report and could be improved."
"Microsoft Defender for Office 365 could improve by giving customers information on techniques to prevent threats. For example, information about best practices on how to protect their own devices against hackers and scammers, such as educational information or training. This would help others have a better understanding of cyber security. Additionally, there can be more security features added."
"Health monitoring of the event sources and devices."
"RSA NetWitness Logs and Packets can improve the threat level aspect, it is lacking compared to other solutions. Whenever any hacking activity or any other threat factor occurred they used to provide the coverages very fast when comparing RSA NetWitness Logs and Packets. I heard the other three solutions, from a discussion with my team members who had experience in other solutions, they used to say that. Whenever any issues happened across the globe RSA NetWitness Logs and Packets are a little bit slow improving those detection mechanisms."
"The system architecture is complex and sometimes it’s hard to troubleshoot potential problems."
"The user interface is a little bit difficult for new users and it needs to be improved."
"If we have the ability to run a dynamic analysis through malware in the same suite, it would be great to have a sandbox solution to analyze malware through dynamic analysis."
"The solution should have more integration capabilities with different platforms."
"Security needs improvement."
"The initial setup was complex because it takes a lot of time to complete the implementation."
More Microsoft Defender for Office 365 Pricing and Cost Advice →
Microsoft Defender for Office 365 is ranked 1st in Email Security with 41 reviews while NetWitness Platform is ranked 19th in Log Management with 36 reviews. Microsoft Defender for Office 365 is rated 8.4, while NetWitness Platform is rated 7.4. The top reviewer of Microsoft Defender for Office 365 writes "Allows for easy reporting of problems, valuable anti-phishing, and anti-malware support". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". Microsoft Defender for Office 365 is most compared with Proofpoint Email Protection, Mimecast Email Security, Microsoft Exchange Online Protection (EOP), Cisco Secure Email and Barracuda Email Security Gateway, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Cisco Secure Network Analytics and Microsoft Sentinel. See our Microsoft Defender for Office 365 vs. NetWitness Platform report.
We monitor all Email Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.